On Sat, 30 Oct 2004, Andrew Bartlett wrote:
Actually, now I re-read this, I think know what you you mean:
0 YR ........ 1 YR ...... 1 TT ######### 1 KK ......
Is there are 'shutdown' command?
What you refer to by 'shutdown'?
There is not yet any explicit command for "authentication session aborted", it simply resets on the next YR with the same session identifier. Not sure if this is needed.
Shutdown of the helper is on EOF as before. The only difference is that the helper should take care to respond to all pending requests before exiting if reordering is supported by the helper. If reordering is not supported by the helper then there won't be any pending requests when it detects EOF so nothing has really changed then on shutdown.
This very simple scheme buys two things
a) For stateful helpers it allows the same helper instance to maintain a large number of sessions. In case of NTLM it allows the same helper to have multiple pending challenges.
b) In all helpers it allows batching of several operations, reducing the amount of context switching required.
c) It (optionally at the helpers discretion) allows for the helper to respond to the pending queries in any order it likes, allowing the same helper instance to continue processing queries while waiting for external lookups such as winbind / DNS / databases / whatever.
Regards Henrik
